General discussion

NEWS - February 22, 2005

U.S. makes first arrest for spim
By Will Sturgeon, CNET News.com
Published on ZDNet News: February 21, 2005, 12:10 PM PT

A U.S teenager has become the first person to be arrested on suspicion of sending unsolicited instant messages--or spim.

Anthony Greco, 18, was lured from New York to Los Angeles under the pretence of a business meeting. He was arrested upon arrival at Los Angeles International Airport last Wednesday.

Greco allegedly sent 1.5 million messages advertising pornography and mortgages. According to reports, the recipients of the messages were all members of the MySpace.com online networking service.

In a further twist upon the scam, Greco had allegedly threatened to share his methods for spamming members of the group if MySpace.com didn't sign an exclusive marketing deal that would have legitimized the messages he was sending via the service.

Greco believed he was flying to Los Angeles to cement that agreement with MySpace President Tom Anderson.

MySpace.com launched IM for its members in December 2003. Reports claim Greco began spamming members using the service in autumn 2004.

more here
http://news.zdnet.com/2100-1009_22-5584574.html?tag=zdnn.alert

Discussion is locked

Follow
Reply to: NEWS - February 22, 2005
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - February 22, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Zero-Day Attacks: The Threat is Real

"Over the past few years, the visibility of a dangerous type of attack known as "zero-day" has increased. So has the confusion around what exactly constitutes such an attack. Fueled by the growing concerns of network security managers, vendors claim they are working rapidly to address the threat. But the prevalence of these attacks and the enormity of the damage they can cause are grossly underestimated. The key to combating the danger of zero-day attacks is to fully comprehend what they are, how they occur and what efforts are under way to stop them."

Complete article in http://www.securitypark.co.uk/article.asp?articleid=23438&CategoryID=1

- Collapse -
Worm tries to entice with 'lov ya' message

Published: February 22, 2005, 11:28 AM PST
By Dan Ilett
Special to CNET News.com

Five years after the world fell victim to the "I love you" virus, a malicous-software writer is trying a similar trick on unsuspecting users.

Antivirus company Sophos unearthed the new mass-mailing worm, dubbed Assiral, on Monday. It mimics the earlier virus, which used the phrase "I love you" in subject lines to entice recipients into opening the destructive e-mail and attachment (which was typically titled "love-letter-for-you"). The original bug wrought havoc on networks around the world, but Sophos doesn't think Assiral will be as destructive.

"The Assiral worm uses an old trick to seduce users into believing they may have received a romantic love letter," said Graham Cluley, senior technology consultant for Sophos. "It's almost five years since the infamous Love Bug worm fooled millions of Windows users around the world using a similar tactic--and it seems unlikely that Assiral will have anything like as much impact."

more here
http://news.com.com/Worm+tries+to+entice+with+lov+ya+message/2100-7349-5585744.html?part=dht&tag=ntop&tag=nl.e433

- Collapse -
Singapore to create threat center

Published: February 22, 2005, 8:38 AM PST
By Reuters

Singapore plans to spend $23 million over three years to battle online hackers and other forms of cyberattack, government officials said Tuesday.

Describing the infrastructure behind the Internet as a "nerve system" in Singapore, Deputy Prime Minister Tony Tan said a new National Cyber-Threat Monitoring Center will maintain round-the-clock detection and analysis of computer virus threats.

"We cannot afford to treat the threats from cyber terrorists, cyber criminals and irresponsible hackers lightly," Tan said in a speech while unveiling an information-technology security "master plan" in the tech-savvy city-state.

more here
http://news.com.com/Singapore+to+create+threat+center/2100-7349_3-5585523.html?tag=fd_nbs_ent&tag=nl.e433

- Collapse -
How Serious Is That Security Flaw?

Microsoft and Symantec are backing a plan to create a severity scoring system for software holes.

Paul Roberts, IDG News Service
Tuesday, February 22, 2005
Leading IT companies including Cisco Systems, Microsoft, and Symantec are promoting a rating system that will standardize the measurement of the severity of software vulnerabilities.

A plan for the new system, called the Common Vulnerability Scoring System (CVSS), was unveiled at last week's RSA Conference in San Francisco. If widely adopted, the new system will provide a common language for describing the seriousness of computer security vulnerabilities and replace different, vendor-specific rating systems, according to a presentation on the system by Mike Schiffman, a researcher at Cisco.

http://www.pcworld.com/news/article/0,aid,119748,tk,dn022205X,00.asp

- Collapse -
New Sober Worm Spreading Quickly

Mass-mailer worm is considered more aggressive than earlier versions.

James Niccolai, IDG News Service
Tuesday, February 22, 2005
A new version of the Sober worm wriggled out of its hole early on Monday and set about quickly attacking computers in Europe and the U.S., a security services company says. The worm is a mass-mailer, meaning it spreads itself via e-mail using contacts listed in the address books of computers it infects.

The first instance of the worm, called W32.Sober-K-mm, was intercepted by U.K. security company MessageLabs. The company detected 663 instances of the worm in the first hour, and the figure climbed quickly to more than 2,200 instances over the next five to six hours, prompting MessageLabs to give it a high-risk rating, says Maksym Schipka, a senior antivirus researcher with the company.

http://www.pcworld.com/news/article/0,aid,119750,tk,dn022205X,00.asp

CNET Forums

Forum Info